If you’ve been meaning to remind your employees not to fall for the W-2 phishing scam, but just haven’t managed to get around to it yet, consider this report yesterday from Wapack Labs about what they’re seeing in marketplaces on the darkweb:
Wapack Labs has identified an actor in the Tor-based markets – we have labeled “Taxman”. Taxman is selling U.S. W-2 Forms from 2016 as well as taxpayer dates of birth. He also sells bank account information for at least one U.S. and one Australian bank, as well as Credit Reports. Taxman also sells botnets, along with installation and support for same. He is a verified vendor on several Darkweb Tor-based .onion domains and deals exclusively in Bitcoin.
So… if you don’t want your employees’ information to wind up for sale on the darkweb, what are you waiting for? Is there really anything more important than preventing this kind of aggravation for your employees that can haunt them for years to come?
Send an email. Call a meeting. Show them samples of phishing emails. Get the word out so that if an email hits their inbox requesting they send W-2’s to what appears to be an executive, they should bring it to an executive’s attention. You can find helpful information from the IRS that describes the scam and provides some advice on the IRS’s web site.
This year, I am beginning to see reports of companies that didn’t fall for the scam when criminals tried to run one. I hope to see many more reports of entities not falling for this scam because they educated their employees.
If your company avoided falling victim, feel free to brag about it in the Comments section.
We have the capability to test-phish our HR group, and do so on a recurring basis. Nothing is 100% fool-proof, but constant exposure to the threat has (so far) kept us from being added to your list.
Keep up the great work! You’re right, nothing’s 100% fool-proof, but should anything happen and there be any lawsuit, your employer would be able to demonstrate that they made recurring efforts to prevent the problem.